Currently, an increasing rate of fraud in Automated Teller Machine (ATM) and credit card transactions, including online transactions, and online banking authentication issues, are significant concerns in electronic consumer transactions. Previous attempts at resolving some of the existing issues offer a solution in only one segment, while failing to address issues in other segments. For example, one such attempt employs token-based user authentication, which requires additional issuance and administration of a hardware security token. Such security tokens are bulky, which makes it inconvenient for users to carry more than a few of the security tokens. Another such attempt relies on Short Message Service (SMS) messages to a mobile device, which may be subject to an SMS attack, and SMS messages are slow and not always reliable.
Other attempts rely, for example, solely on mobile devices for user authentication in mobile banking transactions. A further attempt provides credit card image recognition to read credit card account numbers and proof of the user owning the credit card, which has an inherent weakness of being unable to verify that the credit card is real. Additional attempts employ Near Field Communication (NFC) in transactions, but NFC does not resolve user authentication and backend banking security issues. Still other attempts involve storing credit card information on a mobile device as a personal cash management tool, which does not effectively address the issue of user authentication to the mobile device, and the person who possesses the phone also possesses the maximum value of the credit limit and therefore the risk is not well contained.
There is a present need for a solution that resolves all of the foregoing issues in an end-to-end approach for providing, for example, a multifactor user authentication that is natural and convenient to a user, while providing much higher authentication security than is currently available.